ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between pages "Bibliography" and "Grml"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m
 
 
Line 1: Line 1:
=Disk Disposal and Data Recovery=
+
{{expand}}
* [http://www.deepspar.com/pdf/DeepSparDiskImagingWhitepaper3.pdf Disk Imaging: A Vital Step in Data Recovery], DeepSpar Data Recovery Systems, November 2006. An in depth look at the many issues that cause data loss / irretrievable data in the data recovery imaging process and how to overcome them.
+
* [http://www.actionfront.com/ts_whitepaper.asp Drive-Independent Data Recovery: The Current State-of-the-Art], ActionFront Data Recovery Labs, August 2005.
+
* [[Recovering Overwritten Data#The Gutmann Paper|Secure Deletion of Data from Magnetic and Solid-State Memory]], Peter Gutmann, Proceedings of the Sixth Usenix Security Symposium, 1996. [http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html]
+
* [http://www-03.ibm.com/financing/pdf/us/recovery/igf4-a032.pdf Hard Drive Disposal: The Overlooked Confidentiality Exposure], FInancial Perspectives, IBM White Paper, November 2003.
+
  
=Evidence Gathering=
+
{{Infobox_Software |
 +
  name = grml |
 +
  maintainer = [[grml team]] |
 +
  os = {{Linux}} |
 +
  genre = {{Live CD}} |
 +
  license = {{GPL}}, others |
 +
  website = [http://grml.org/ grml.org/] |
 +
}}
  
* [http://utdallas.edu/~sxs018540/index/docs/byteprints_itcc05.pdf Byteprints: A Tool to Gather Digital Evidence], Sriranjani Sitaraman, Srinivasan Krishnamurthy and S. Venkatesan, Proceedings of the International Conference on Information Technology (ITCC 2005), Las Vegas, Nevada, USA, April 4 - 6, 2005
+
'''grml''' is a forensic [[Live CD]] based on [[Debian]].
  
=Fake Information=
+
== Overview ==
  
* [https://analysis.mitre.org/proceedings/Final_Papers_Files/84_Camera_Ready_Paper.pdf Automatic Detection of Fake File Systems], Neil C. Rowe, International Conference on Intelligence Analysis Methods and Tools, McLean, Virginia, May 2005.
+
grml enables write blocking during early stage of boot process.
  
=Feature Extraction and Data Fusion=
+
== External Links ==
Computer Location Determination Through Geoparsing and Geocoding of
+
* [http://grml.org/ Project site]
Extracted Features
+
http://www2.chadsteel.com:8080/Publications/drive_location2.doc
+
 
+
 
+
=File Carving=
+
 
+
* [http://citeseer.ist.psu.edu/shanmugasundaram03automatic.html  Automatic Reassembly of Document Fragments via Context Based Statistical Models], Kulesh Shanmugasundaram and Nasir Memon.
+
 
+
 
+
=Signed Evidence=
+
<bibtex>
+
@article{duerr-2004,
+
  title="Information Assurance Applied to Authentication of Digital Evidence",
+
  author="Thomas E. Duerr and Nicholas D. Beser and Gregory P. Staisiunas",
+
  year=2004,
+
  journal="Forensic Science Communications",
+
  volume=6,
+
  number=4,
+
  url="http://www.fbi.gov/hq/lab/fsc/backissu/oct2004/research/2004_10_research01.htm"
+
}
+
</bibtex>
+
 
+
 
+
<bibtex>
+
@article{OppligerR03,
+
  author    = {Rolf Oppliger and Ruedi Rytz},
+
  title    = {Digital Evidence: Dream and Reality},
+
  journal  = {IEEE Security {\&} Privacy},
+
  volume    = {1},
+
  number    = {5},
+
  year      = {2003},
+
  pages    = {44-48},
+
  url      = {http://doi.ieeecomputersociety.org/10.1109/MSECP.2003.1236234},
+
  abstract="Digital evidence is inherently weak. New evidence-gathering technologies-digital black boxes-must be developed and deployed to support investigations of irreproducible events such as digitally signing a document."
+
}
+
</bibtex>
+
=Other Papers=
+
 
+
* [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=531782 A Model for When Disclosure Helps Security: What is Different About Computer and Network Security?], Peter P. Swire, Moritz College of Law of the Ohio State University, Journal on Telecommunications and High Technology Law, Vol. 2, 2004.
+

Latest revision as of 10:40, 28 July 2012

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

grml
Maintainer: grml team
OS: Linux
Genre: Live CD
License: GPL, others
Website: grml.org/

grml is a forensic Live CD based on Debian.

Overview

grml enables write blocking during early stage of boot process.

External Links